SET(TARGET_ASKUSER_NOTIFICATION_LIB "askuser-notification-ipc")
SET(TARGET_ASKUSER_NOTIFICATION_TEST "askuser-notification-test")
SET(TARGET_ASKUSER_NOTIFICATION_CLIENT_LIB "askuser-notification-client")
+SET(TARGET_PRIVACY_PRIVILEGE_MANAGER_CAPI_LIB "capi-privacy-privilege-manager")
SET(TARGET_PLUGIN_SERVICE "askuser-plugin-service")
ADD_SUBDIRECTORY(src/plugin)
ADD_SUBDIRECTORY(src/notification-daemon)
ADD_SUBDIRECTORY(src/common)
ADD_SUBDIRECTORY(src/common/protocol)
ADD_SUBDIRECTORY(src/client)
+ADD_SUBDIRECTORY(src/capi)
ADD_SUBDIRECTORY(pkgconfig)
BuildRequires: pkgconfig(security-manager)
BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(vconf)
+BuildRequires: pkgconfig(capi-base-common)
BuildRequires: pkgconfig(capi-ui-efl-util)
BuildRequires: pkgconfig(capi-system-info)
BuildRequires: coregl
%description client-devel
Askuser notification client library development files
+%package -n capi-privacy-privilege-manager
+Summary: Privacy Privilege Manager in TIZEN C API
+Requires: askuser-notification-client
+Requires(post): /sbin/ldconfig
+Requires(postun): /sbin/ldconfig
+
+%description -n capi-privacy-privilege-manager
+This CAPI allows an application to check if it has a given privilege.
+Additionally, for privacy privileges, it provides an ability to determine
+their statuses by displaying an appropriate pop-up dialog box. A user
+can make a decision whether to give a privilege to an application or not.
+
+%package -n capi-privacy-privilege-manager-devel
+Summary: Privacy Privilege Manager in TIZEN C API development files
+
+%description -n capi-privacy-privilege-manager-devel
+Privacy Privilege Manager in TIZEN C API development files
+
%prep
%setup -q
cp -a %{SOURCE1001} .
%postun client -p /sbin/ldconfig
+%post -n capi-privacy-privilege-manager -p /sbin/ldconfig
+
+%postun -n capi-privacy-privilege-manager -p /sbin/ldconfig
+
%files -f %{name}.lang
%manifest default.manifest
%license LICENSE
%{_includedir}/askuser-notification-client/*.h
%{_libdir}/pkgconfig/askuser-notification-client.pc
%{_libdir}/libaskuser-notification-client.so
+
+%files -n capi-privacy-privilege-manager
+%manifest default.manifest
+%license LICENSE
+%attr(644,-,-) %{_libdir}/libcapi-privacy-privilege-manager.so.*
+
+%files -n capi-privacy-privilege-manager-devel
+%{_includedir}/privacy-privilege-manager/*.h
+%{_libdir}/pkgconfig/capi-privacy-privilege-manager.pc
+%{_libdir}/libcapi-privacy-privilege-manager.so
+
#
ADD_SUBDIRECTORY(askuser-notification-client)
+ADD_SUBDIRECTORY(capi-privacy-privilege-manager)
--- /dev/null
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Piotr Sawicki <p.sawicki2@partner.samsung.com>
+#
+
+CONFIGURE_FILE(capi-privacy-privilege-manager.pc.in capi-privacy-privilege-manager.pc @ONLY)
+
+INSTALL(FILES
+ ${CMAKE_BINARY_DIR}/pkgconfig/capi-privacy-privilege-manager/capi-privacy-privilege-manager.pc
+ DESTINATION
+ ${LIB_INSTALL_DIR}/pkgconfig
+ )
+
--- /dev/null
+# Package Information for pkg-config
+
+prefix=@CMAKE_INSTALL_PREFIX@
+exec_prefix=@CMAKE_INSTALL_PREFIX@
+libdir=@LIB_INSTALL_DIR@
+includedir=@INCLUDE_INSTALL_DIR@
+
+Name: capi-privacy-privilege-manager
+Description: capi-privacy-privilege-manager library
+Version: @ASKUSER_VERSION@
+Requires: capi-base-common
+Libs: -L${libdir} -lcapi-privacy-privilege-manager
+Cflags: -I${includedir}/privacy-privilege-manager
--- /dev/null
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Piotr Sawicki <p.sawicki2@samsung.com>
+#
+
+SET(PRIVACY_PRIVILEGE_MANAGER_PATH ${ASKUSER_PATH}/capi)
+
+PKG_CHECK_MODULES(PRIVACY_PRIVILEGE_MANAGER_DEP
+ REQUIRED
+ capi-base-common
+ glib-2.0
+ )
+
+INCLUDE_DIRECTORIES(SYSTEM ${PRIVACY_PRIVILEGE_MANAGER_DEP_INCLUDE_DIRS})
+INCLUDE_DIRECTORIES(
+ ${PRIVACY_PRIVILEGE_MANAGER_PATH}/include
+ ${ASKUSER_PATH}/client/include
+ )
+
+SET(PRIVACY_PRIVILEGE_MANAGER_SOURCES
+ ${PRIVACY_PRIVILEGE_MANAGER_PATH}/impl/privacy_privilege_manager.c
+ )
+
+ADD_LIBRARY(${TARGET_PRIVACY_PRIVILEGE_MANAGER_CAPI_LIB} SHARED ${PRIVACY_PRIVILEGE_MANAGER_SOURCES})
+
+SET_TARGET_PROPERTIES(${TARGET_PRIVACY_PRIVILEGE_MANAGER_CAPI_LIB}
+ PROPERTIES
+ SOVERSION ${ASKUSER_VERSION_MAJOR}
+ VERSION ${ASKUSER_VERSION}
+ OUTPUT_NAME "capi-privacy-privilege-manager"
+ )
+
+LINK_DIRECTORIES(${PRIVACY_PRIVILEGE_MANAGER_DEP_LIBRARY_DIRS})
+
+TARGET_LINK_LIBRARIES(
+ ${TARGET_PRIVACY_PRIVILEGE_MANAGER_CAPI_LIB}
+ ${TARGET_ASKUSER_NOTIFICATION_CLIENT_LIB}
+ ${PRIVACY_PRIVILEGE_MANAGER_DEP_LIBRARIES}
+)
+
+INSTALL(TARGETS ${TARGET_PRIVACY_PRIVILEGE_MANAGER_CAPI_LIB}
+ DESTINATION ${LIB_INSTALL_DIR})
+
+FILE(GLOB HEADERS ${PRIVACY_PRIVILEGE_MANAGER_PATH}/include/*.h)
+INSTALL(FILES ${HEADERS}
+ DESTINATION ${INCLUDE_INSTALL_DIR}/privacy-privilege-manager)
+
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the License);
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an AS IS BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+#ifndef __PRIVACY_PRIVILEGE_MANAGER_DOC_H__
+#define __PRIVACY_PRIVILEGE_MANAGER_DOC_H__
+
+/**
+ * @ingroup CAPI_SECURITY_FRAMEWORK
+ * @defgroup CAPI_PRIVACY_PRIVILEGE_MANAGER_MODULE
+ * @brief The Privacy Privilege Manager API provides functions for retrieving and
+ * determining application's permissions to privacy privilege.
+ * @section CAPI_PRIVACY_PRIVILEGE_MANAGER_MODULE_HEADER Required Header
+ * \#include <privacy_privilege_manager.h>
+ *
+ * @section CAPI_PRIVACY_PRIVILEGE_MANAGER_MODULE_OVERVIEW Overview
+ * This module allows to check if an application has permission to use a given privilege.
+ * Moreover, it allows to determine a permission by displaying a UI dialog box (popup)
+ * and requesting users's response.
+ */
+
+#endif /* __PRIVACY_PRIVILEGE_MANAGER_DOC_H__ */
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+/**
+ * @file privacy_privilege_manager.c
+ * @author Piotr Sawicki <p.sawicki2@partner.samsung.com>
+ * @version 1.0
+ * @brief This file contains implementation of privacy_privilege_manager.h CAPI.
+ */
+
+#include <stdlib.h>
+#include <glib.h>
+#include <askuser-notification-client.h>
+
+#include <privacy_privilege_manager.h>
+
+askuser_client *client = NULL;
+struct ppm_private_struct {} *ppm_private = NULL;
+
+
+static ppm_error_e ask_user_to_ppm_error(int ask_error)
+{
+ ppm_error_e ret = PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE;
+
+ switch (ask_error) {
+ case ASKUSER_API_SUCCESS:
+ ret = PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE;
+ break;
+ case ASKUSER_API_UNKNOWN_ERROR:
+ ret = PRIVACY_PRIVILEGE_MANAGER_ERROR_IO_ERROR;
+ break;
+ case ASKUSER_API_OUT_OF_MEMORY:
+ ret = PRIVACY_PRIVILEGE_MANAGER_ERROR_OUT_OF_MEMORY;
+ break;
+ case ASKUSER_API_INVALID_PARAM:
+ ret = PRIVACY_PRIVILEGE_MANAGER_ERROR_INVALID_PARAMETER;
+ break;
+ case ASKUSER_API_CONNECTION_ERROR:
+ ret = PRIVACY_PRIVILEGE_MANAGER_ERROR_IO_ERROR;
+ break;
+ default:
+ break;
+ }
+
+ return ret;
+}
+
+static ppm_check_result_e ask_user_check_result_to_pps(askuser_check_result result)
+{
+ switch (result) {
+ case ASKUSER_CHECK_RESULT_ALLOW:
+ return PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_ALLOW;
+ case ASKUSER_CHECK_RESULT_DENY:
+ return PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_DENY;
+ case ASKUSER_CHECK_RESULT_ASK:
+ return PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_ASK;
+ }
+
+ return PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_DENY;
+}
+
+static int g_io_condition_to_askuser_events(GIOCondition cond)
+{
+ return ((cond & G_IO_IN) ? ASKUSER_READ_EVENT : 0) |
+ ((cond & G_IO_OUT) ? ASKUSER_WRITE_EVENT : 0);
+}
+
+static GIOCondition askuser_events_to_g_io_condition(int events)
+{
+ return ((events & ASKUSER_READ_EVENT) ? G_IO_IN : 0) |
+ ((events & ASKUSER_WRITE_EVENT) ? G_IO_OUT : 0);
+}
+
+static void ask_status_callback(int fd, int events, void *p_user_data)
+{
+ (void) fd;
+ (void) events;
+ (void) p_user_data;
+ g_io_condition_to_askuser_events(0);
+ askuser_events_to_g_io_condition(0);
+ // TODO register GIOChannel and GIOSource
+
+ // TODO register callback
+}
+
+static int ppm_init_client()
+{
+ if (ppm_private == NULL) {
+ ppm_private = (struct ppm_private_struct *) malloc(sizeof(struct ppm_private_struct));
+ if (ppm_private == NULL) {
+ return PRIVACY_PRIVILEGE_MANAGER_ERROR_OUT_OF_MEMORY;
+ }
+
+ int ret = askuser_client_initialize(&client, ask_status_callback, ppm_private);
+ if (ret != ASKUSER_API_SUCCESS) {
+ free(ppm_private);
+ ppm_private = NULL;
+ return ask_user_to_ppm_error(ret);
+ }
+ }
+
+ return PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE;
+}
+
+EXPORT_API
+int ppm_check_privilege(const char *privilege, ppm_check_result_e *result)
+{
+ if (!privilege || !result)
+ return PRIVACY_PRIVILEGE_MANAGER_ERROR_INVALID_PARAMETER;
+
+ int ret = ppm_init_client();
+ if (ret != PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE) {
+ return ret;
+ }
+
+ askuser_check_result check_result;
+ ret = askuser_client_check_privilege(client, privilege, &check_result);
+ if (ret != ASKUSER_API_SUCCESS) {
+ return ask_user_to_ppm_error(ret);
+ }
+
+ *result = ask_user_check_result_to_pps(check_result);
+
+ return PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE;
+}
+
+static void ppm_popup_response_callback(int request_id, askuser_call_cause cause,
+ askuser_popup_result result, void *p_user_data)
+{
+ (void) request_id;
+ (void) cause;
+ (void) result;
+ (void) p_user_data;
+
+ // TODO find callback (request_id) and user_data
+
+ // TODO convert cause and result
+
+ // TODO call callback
+
+ // TODO unregister callback and user_data
+}
+
+EXPORT_API
+int ppm_popup_request(const char *privilege, ppm_popup_response_cb callback,
+ void *user_data)
+{
+ if (!privilege || !callback) {
+ return PRIVACY_PRIVILEGE_MANAGER_ERROR_INVALID_PARAMETER;
+ }
+
+ int ret = ppm_init_client();
+ if (ret != PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE) {
+ return ret;
+ }
+
+ int request_id;
+ ret = askuser_client_popup_request(client, privilege, ppm_popup_response_callback,
+ ppm_private, &request_id);
+ if (ret != ASKUSER_API_SUCCESS) {
+ return ask_user_to_ppm_error(ret);
+ }
+
+ // TODO store callback and user_data under request_id key
+ (void) callback;
+ (void) user_data;
+
+ return PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE;
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#ifndef __PRIVACY_PRIVILEGE_MANAGER_H__
+#define __PRIVACY_PRIVILEGE_MANAGER_H__
+
+#include <tizen.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+ * @addtogroup CAPI_PRIVACY_PRIVILEGE_MANAGER_MODULE
+ * @{
+ * @brief
+ * This is a Privacy Privilege Manager API of the Security framework.
+ * @}
+ */
+
+/**
+ * @addtogroup CAPI_PRIVACY_PRIVILEGE_MANAGER_MODULE
+ * @since_tizen 4.0
+ * @{
+ */
+
+/**
+ * @brief Enumerations of error code for Privacy Privilege Manager.
+ * @since_tizen 4.0
+ */
+typedef enum
+{
+ /** Successful */
+ PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE = TIZEN_ERROR_NONE,
+ /** I/O error */
+ PRIVACY_PRIVILEGE_MANAGER_ERROR_IO_ERROR = TIZEN_ERROR_IO_ERROR,
+ /** Invalid parameter */
+ PRIVACY_PRIVILEGE_MANAGER_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER,
+ /** Out of memory */
+ PRIVACY_PRIVILEGE_MANAGER_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY,
+} ppm_error_e;
+
+/**
+ * @brief Enumerations of the result for privilege check function
+ * @since_tizen 4.0
+ */
+typedef enum {
+ /** An application has a privilege. */
+ PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_ALLOW,
+ /** An application doesn't have a privilege. */
+ PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_DENY,
+ /** A user should be asked whether grant a privilege to an application or not. */
+ PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_ASK,
+} ppm_check_result_e;
+
+/**
+ * @brief Enumerations of the user's decision result (popup).
+ * @since_tizen 4.0
+ */
+typedef enum {
+ /** A user granted a privilege to an application for an indefinite period of time. */
+ PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_ALLOW_FOREVER,
+ /** A user did not grant a privilege to an application for an indefinite period of time. */
+ PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_DENY_FOREVER,
+ /** A user did not grant a privilege to an application once. */
+ PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_DENY_ONCE,
+} ppm_popup_result_e;
+
+/**
+ * @brief Enumerations of the status code for popup response callback.
+ * @since_tizen 4.0
+ */
+typedef enum {
+ /** Callback was called with a valid answer. */
+ PRIVACY_PRIVILEGE_MANAGER_CALL_CAUSE_ANSWER,
+ /** Callback was called because of an error. */
+ PRIVACY_PRIVILEGE_MANAGER_CALL_CAUSE_ERROR,
+} ppm_call_cause_e;
+
+/**
+ * @}
+*/
+
+
+/**
+ * @addtogroup CAPI_PRIVACY_PRIVILEGE_MANAGER_MODULE
+ * @{
+ */
+
+/**
+ * @brief This callback function is called when a client receives a response
+ * upon calling ppm_popup_request().
+ *
+ * @since_tizen 4.0
+ *
+ * @param[in] cause A value representing the reason why this callback
+ * has been called.
+ * @param[in] result It is a result of response to request created by
+ * ppm_popup_request(). This should be interpreted as a
+ * valid value only if cause is equal to
+ * **PRIVACY_PRIVILEGE_MANAGER_CALL_CAUSE_ANSWER**.
+ * @param[in] user_data User specific data, this parameter is passed
+ * to ppm_popup_request().
+ *
+ * @see ppm_popup_request()
+ */
+typedef void (*ppm_popup_response_cb) (ppm_call_cause_e cause,
+ ppm_popup_result_e result,
+ void *user_data);
+
+/**
+ * @brief This function is called to check if an application, which calls this API,
+ * has permission to a given privilege.
+ * @privlevel public
+ *
+ * @since 4.0
+ *
+ * @param[in] privilege Privilege that is to be checked.
+ * @param[out] result The result of a privilege check.
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE Successful
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_IO_ERROR I/O error
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_OUT_OF_MEMORY Out of memory
+ */
+int ppm_check_privilege(const char *privilege, ppm_check_result_e *result);
+
+/**
+ * @brief This function is called to determine if an application needs to
+ * request a user's response to determine a permission to a given privilege.
+ *
+ * @since 4.0
+ *
+ * @privlevel public
+ * @details
+ * When this function is called, the underlying service may show an appropriate
+ * UI dialog box (popup) with a question. After user's decision, the service may
+ * modify the privacy policy when it is a definitive decision. After that, the
+ * service sends the response back to the application. The possible response
+ * values are as follows:
+ * PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_ALLOW_FOREVER, or
+ * PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_DENY_FOREVER, or
+ * PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_DENY_ONCE.
+ * The application is informed about user's decision by invoking previously registered
+ * ppm_popup_response_callback. When the policy for a given privilege is already
+ * resolved, no popup will be shown and the service will return immediately with
+ * an appropriate response:
+ * PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_ALLOW_FOREVER or
+ * PRIVACY_PRIVILEGE_MANAGER_POPUP_RESULT_DENY_FOREVER.
+ *
+ * @remarks
+ * If the result of calling ppm_check_privilege() is
+ * **PRIVACY_PRIVILEGE_MANAGER_CHECK_RESULT_ASK**, the application should call
+ * this function to determine whether a user allows an application to use
+ * a particular privilege or not.
+ *
+ * @param[in] privilege A privilege for which a popup must be shown.
+ * @param[in] callback A callback function which will be invoked
+ * when the API receives user's response.
+ * @param[in] user_data User specific data which will be passed to
+ * the registered callback.
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_NONE Successful
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_IO_ERROR I/O error
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #PRIVACY_PRIVILEGE_MANAGER_ERROR_OUT_OF_MEMORY Out of memory
+ *
+ * @post ppm_popup_response_cb() will be invoked.
+ * @see ppm_popup_response_cb()
+ */
+int ppm_popup_request(const char *privilege,
+ ppm_popup_response_cb callback,
+ void *user_data);
+
+/**
+ * @}
+ */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PRIVACY_PRIVILEGE_MANAGER_H__ */
projects / platform / core / security / askuser.git / commitdiff